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Amendments to the Claims: 

This listing of claims will replace all prior versions, and listings, of claims in the 
application: 

Listing of Claims; 

1-20. (canceled) 

21. (previously presented) A machine-executed method for verifying the existence of 
a trusted path to a user in a computing system, the computer system including a 
trusted computing environment, the method comprising the following steps conducted 
in sequence: 

(a) upon login by a user, automatically assigning a process identifier to the 
user in the trusted computing environment; 

(b) storing the assigned process identifier in trusted memory; 

(c) establishing a trusted path between the user and the trusted computing 
environment; 

(d) through the trusted path, displaying the process identifier to the user; 

and 

(e) upon the user's subsequent entry into the trusted computing 
environment, automatically displaying the process identifier to the user through the 
trusted path so that the user is assured that the trusted path has been established. 

22. (previously presented) The method of claim 21, wherein the process identifier is a 
randomly or pseudo-randomly generated group of alphanumeric characters. 

23. (previously presented) The method of claim 21, wherein the process identifier is 
pronounceable. 

24. (previously presented) An automatic data processing machine programmed to 
execute the method of claim 21 . 
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25. (previously presented) An automatic data processing machine comprising means 
for performing the method steps of claim 21 . 

26. (previously presented) A program storage device readable by a machine and 
tangibly embodying a representation of a program of instructions adaptable to be 
executed by said machine to perform the method of claim 21. 

27. (previously presented) An apparatus for executing a trusted command that is 
issued by a user comprising: 

(a) untrusted parsing means for generating a trusted parsed command; 

(b) trusted means for receiving the trusted parsed command via a trusted 

path; 

(c) means for displaying a representation of the trusted parsed command to 
the user for verification; and 

(d) trusted means for executing the verified trusted parsed command. 

28. (canceled) 

29. (previously presented) The apparatus according to claim 27, where the display 
means automatically displays the representation of the trusted parsed command to the 
user for verification. 

30. (previously presented) The apparatus according to claim 27, further comprising: 

means for initially inputting a process identifier by the user; and 

memory for storing the process identifier, wherein the representation of the 

trusted parsed command displayed to the user for verification constitutes the process 

identifier. 

31-32. (canceled) 

33. (currently amended) Th e apparatus according to claim 32, further comprising: 
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An apparatus for controlling the execution by a machine of a trusted command 
that is issued by a user with user identification data comprising: 

(a) untrusted parsing means for generating a parsed trusted command; 

fb) means, readable by the machine, for causing the machine to receive the 
user identification data from the user; 

(c) means, readable by the machine, for causing the machine to receive the 
parsed trusted command from the untrusted parsing means; 

fd) means, readable by the machine, for causing the machine to perform a 
security check on the parsed trusted command and a security check on the user 
identification data; (e) means, readable by the machine, for causing the machine to 
execute the parsed trusted command; 

ffi-(f) means, readable by the machine, for causing the machine to display a 
representation of the parsed command to the user; 

(¥ h(g) means, readable by the machine, for causing the machine to receive a 
signal from the user signifying whether the displayed representation accurately 
represents the trusted command; and 

££Hh) means, readable by the machine, for preventing the machine from 
executing the trusted command if the signal signifies that the parsed command does 
not accurately represent the trusted command. 

34. (currently amended) The apparatus according to claim 32, further comprising: 

An apparatus for controlling the execution by a machine of a trusted command 
that is issued by a user with user identification data comprising: 

( a) untrusted parsing means for generating a parsed trusted command; 

(b) means, readable by the machine, for causing the machine to receive the 
user identification data from the user; 

(c) means, readable by the machine, for causing the machine to receive the 
parsed trusted command from the untrusted parsing means; 

(d) means, readable by the machine, for causing the machine to perform a 
security check on the parsed trusted command and a security check on the user 
identification data; 
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(e) means, readable by the machine, for causing the machine to execute the 
parsed trusted command 

<44-(f) means, readable by the machine, for causing the machine to display a 
representation of the parsed command to a second user; 

(2)-[g) means, readable by the machine, for causing the machine to receive a 
signal from the second user signifying whether the displayed representation accurately 
represents a legitimate command; and 

££Kh) means, readable by the machine, for preventing the machine from 
executing the trusted command if the signal signifies that the parsed command does 
not accurately represent a legitimate command. 

35. (previously presented) An automatic data processing machine programmed to 
execute the method of claim 22. 

36. (previously presented) An automatic data processing machine programmed to 
execute the method of claim 23. 

37. (previously presented) An automatic data processing machine comprising means 
for performing the method steps of claim 22. 

38. (previously presented) An automatic data processing machine comprising means 
for performing the method steps of claim 23. 

39. (previously presented) A program storage device readable by a machine and 
tangibly embodying a representation of a program of instructions adaptable to be 
executed by said machine to perform the method of claim 22. 

40. (previously presented) A program storage device readable by a machine and 
tangibly embodying a representation of a program of instructions adaptable to be 
executed by said machine to perform the method of claim 23. 
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41. (previously presented) The apparatus according to claim 27, further comprising: 
means, readable by the machine, for causing the machine to receive a signal 

from the user signifying whether the displayed representation accurately represents 

the trusted command; and 

means, readable by the machine, for preventing the machine from executing 

the trusted command if the signal signifies that the parsed command does not 

accurately represent the trusted command. 
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